I do intend to get back to my four-part series on whether Google’s collection of information from residential Wi-Fi networks violated the Wiretap Act. That issue is being litigated in the Northern District of California in a consolidated class action of home wireless network users, and the earlier posts in my series examined the plaintiffs’, Google’s, and the district court’s arguments on this issue. See Part I; Part II. Since I wrote the first two posts, the Ninth Circuit weighed in, affirming the district court’s denial of Google’s motion to dismiss, allowing the plaintiffs to proceed with their complaint.
Since that post, there’s been another development: Google has filed a petition for rehearing and rehearing en banc. And they’ve brought in a bigger gun to do so — noted Supreme Court advocate Seth Waxman — indicating perhaps how far they intend to take this. Google has two basic arguments for why a rehearing should be granted. First, Google attacks what I called the panel’s “radio means radio” interpretation of the term “radio communications” — “radio communications” means “stuff you listen to on a radio” — is unworkable. Second, Google argues that the panel should never have reached the issue of whether wi-fi communications are “readily accessible to the general public” under an ordinary-language approach to that term, because that question involves disputed issues of fact. In the rest of this post I’ll review these two arguments.
If you’re wondering why Google is pushing this issue so hard, one reason might be the size of the possible damages award. The Wiretap Act has a statutory damages provision that permits an award of $10,000 per person for violations; it’s unclear how many people might be members of the class, but it probably numbers in at least the hundreds and perhaps thousands. A class of 5,000 people would mean a possible statutory damages award of $50 million.
On the first argument, Google essentially makes the same arguments I did in Part II of my series — the text of the Wiretap Act and the legislative history plainly indicate that whatever “radio communication” is supposed to mean, it goes far beyond traditional radio broadcasting, and encompasses both data and video transmissions as well. This is important because “readily accessible” is defined for “radio communications” but not for other communications, and the definition appears to include unencrypted wi-fi transmissions. Reading “radio communications” narrowly threatens to empty several exceptions in the Wiretap Act of operative content. Google probably goes too far when it suggests it would also make the legality of watching television unclear, but the point remains that the panel’s reading is hard to square with what Congress actually said and did.
For its second argument, Google points out the odd procedural posture of the appeal — a certified interlocutory appeal of its denied motion to dismiss. Given that it was a motion to dismiss, the district court’s task was only to determine if the plaintiffs stated a valid complaint, and Judge Ware seems to have done that. (See 794 F. Supp. 2d 1067, 1083 (“Thus, the Court finds that Plaintiffs plead facts sufficient to support a claim that the Wi-Fi networks were not ‘readily accessible to the general public,’ such that exemption G1 would not apply.”).) But the panel seemed to resolve the question for the entire litigation: “We now hold, in agreement with the district court, that payload data transmitted over an unencrypted Wi-Fi network is not ‘readily accessible to the general public’ and, consequently, that Google cannot avail itself of the § 2511(2)(g)(i) exemption.” Slip op. at 32-33.
Google appears to be correct that the panel went too far. But then Google goes farther itself and argues that not only did the panel improperly determine the merits of the G1 exception, but it determined those merits incorrectly. This is technically irrelevant to Google’s argument, but it gives us a preview of what Google might argue on remand should it prevail. The problem for Google is that, if the case comes down to a plain-language interpretation of G1, I don’t think its argument is persuasive.
First, take Google’s reliance on the 1973 case of United States v. Hall, 488 F.2d 193, 196 (9th Cir. 1973), which it says the panel “disregarded.” Google quotes Hall as concluding that “[b]roadcasting communications into the air by radio waves is more analogous to carrying on an oral communication in a loud voice or with a megaphone than it is to the privacy afforded by a wire.” But this statement is being wrenched from its context. Hall is a pre-ECPA case involving mobile radio-telephones — essentially, walkie-talkies — that were easily picked up with a common scanner. The defendants in Hall were using the radio-telephones to communicate from their cars while engaged in drug trafficking. Their conversations were overheard by “a Tucson housewife, who listens to her radio while doing housework, . . . on her eight-band, 150-170 megacycle radio,” perhaps like this one. 150 to 170 MHz appear to be public safety frequencies.
The Ninth Circuit did not know exactly how to classify these communications under the Wiretap Act. The problem was that the Wiretap Act at in 1973 only recognized two sorts of communications: wire communications and oral communications. The radio transmissions at issue in Hall did not neatly fit into either, but the court in the language quoted by Google held that at least some of them were closer to “oral communications,” meaning, under the Act, they would only be protected if made with a reasonable expectation of privacy. The key to the court’s conclusion was the way in which the conversations were overheard. As the court noted, “[i]n the instant case, the eavesdroppers merely tuned their radio receivers to the proper station.” Nor was the private citizen using specialized equipment. “[Her] radio is not unique. The public may purchase similar sets on the open market and can listen to police and fire broadcasts, calls placed over the telephone companies’ mobile telephone network, etc.” I recall that my grandfather, no technological sophisticate, had one.
Google argues that devices for picking up Wi-Fi transmissions are just like the radio in Hall:
Network-analysis tools . . . are ubiquitous. They are sold by Cisco and other mainstream commercial providers, and indeed are included as a standard feature of Apple’s desktop operating system and offered by Microsoft as a free download for Windows. The tools needed to receive, store, and monitor data transmitted on nearby Wi-Fi networks thus are available to virtually anyone with a personal computer.
“Available,” perhaps, but there’s a big difference between “available” and “used.” Directional microphones and keyloggers are widely available, but that doesn’t make all conversations in secluded parks and all emails “readily accessible to the general public.” Mere availability of a device does not tell us whether transmissions receivable on that device are “readily accessible to the general public”; what we need to know is the social context in which the device is typically used. The device must be sufficiently widely adopted by ordinary members of the public — the “general” public — for legitimate uses that communications received on that device might be said to be “readily accessible,” and not merely theoretically accessible, to that general public.
By that measure, the use of packet sniffers in modern society is nothing like the use of scanners and 8-band radios in the 1970s. The private citizen in Hall had a radio set commonly owned by members of the public that simply received eight bands instead of two; all she had to had to receive the defendants’ conversations was turn a knob. But members of the general public don’t commonly use packet sniffers, nor do most of them know how to extract payload data from such tools. While such tools may be easy to obtain, their use as a matter of social practice is still specialized and for the most part professional. Persons using packet sniffers are more like switchboard operators than citizens with 8-band radios, and switchboard operators have always been under a duty under the Wiretap Act to avoid interception of a communication, even though it was incredibly easy to accomplish merely by staying on the line.
Google also tries to argue that classifying packet-sniffing as interception would sweep too broadly and make the ordinary operation of Wi-Fi a violation of the Act. Specifically, Google argues that “[i]n the course of receiving transmissions on a given network, Wi-Fi devices by design continually receive and decode all nearby packets to determine which ones are intended for that device.” This is a common argument among those familiar with computers and networking, but I’ve argued there is a critical distinction between scanning and discarding packets, which is what Wi-Fi devices ordinarily do, and storage for later use. And in any event, interception must be intentional to be a violation; accidentally receiving a neighbor’s packets does not violate the Wiretap Act.
Google has some significant text-based arguments against liability, as I’ve detailed in earlier posts; but if it comes down to whether Wi-Fi is “readily accessible to the general public” under G1, I believe Google should lose.
[Cross-posted at Madisonian.net.]